Lucene search
HistoryOct 03, 2022 - 4:21 p.m.
CVE-2010-4758
cve-2010-4758
otrs
installer.pl
security vulnerability
password security
1.9 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:P/I:N/A:N
6.7 Medium
AI Score
Confidence
Low
0.0005 Low
EPSS
Percentile
17.9%
installer.pl in Open Ticket Request System (OTRS) before 3.0.3 has an Inbound Mail Password field that uses the text type, instead of the password type, for its INPUT element, which makes it easier for physically proximate attackers to obtain the password by reading the workstation screen.
Affected configurations
Node
otrsotrsRange≤3.0.2
ORotrsotrsMatch0.5beta1
ORotrsotrsMatch0.5beta2
ORotrsotrsMatch0.5beta3
ORotrsotrsMatch0.5beta4
ORotrsotrsMatch0.5beta5
ORotrsotrsMatch0.5beta6
ORotrsotrsMatch0.5beta7
ORotrsotrsMatch0.5beta8
ORotrsotrsMatch1.0rc1
ORotrsotrsMatch1.0rc2
ORotrsotrsMatch1.0rc3
ORotrsotrsMatch1.0.0
ORotrsotrsMatch1.0.1
ORotrsotrsMatch1.0.2
ORotrsotrsMatch1.1rc1
ORotrsotrsMatch1.1.0rc1
ORotrsotrsMatch1.1.0rc2
ORotrsotrsMatch1.1.1
ORotrsotrsMatch1.1.2
ORotrsotrsMatch1.1.3
ORotrsotrsMatch1.1.4
ORotrsotrsMatch1.2.0beta1
ORotrsotrsMatch1.2.0beta2
ORotrsotrsMatch1.2.0beta3
ORotrsotrsMatch1.2.1
ORotrsotrsMatch1.2.2
ORotrsotrsMatch1.2.3
ORotrsotrsMatch1.2.4
ORotrsotrsMatch1.3.0beta1
ORotrsotrsMatch1.3.0beta2
ORotrsotrsMatch1.3.0beta3
ORotrsotrsMatch1.3.0beta4
ORotrsotrsMatch1.3.1
ORotrsotrsMatch1.3.2
ORotrsotrsMatch1.3.3
ORotrsotrsMatch2.0.0
ORotrsotrsMatch2.0.0beta1
ORotrsotrsMatch2.0.0beta2
ORotrsotrsMatch2.0.0beta4
ORotrsotrsMatch2.0.0beta5
ORotrsotrsMatch2.0.0beta6
ORotrsotrsMatch2.0.1
ORotrsotrsMatch2.0.2
ORotrsotrsMatch2.0.3
ORotrsotrsMatch2.0.4
ORotrsotrsMatch2.0.5
ORotrsotrsMatch2.1.0beta1
ORotrsotrsMatch2.1.0beta2
ORotrsotrsMatch2.1.1
ORotrsotrsMatch2.1.2
ORotrsotrsMatch2.1.3
ORotrsotrsMatch2.1.4
ORotrsotrsMatch2.1.5
ORotrsotrsMatch2.1.6
ORotrsotrsMatch2.1.7
ORotrsotrsMatch2.1.8
ORotrsotrsMatch2.1.9
ORotrsotrsMatch2.2.0beta1
ORotrsotrsMatch2.2.0beta2
ORotrsotrsMatch2.2.0beta3
ORotrsotrsMatch2.2.0beta4
ORotrsotrsMatch2.2.0rc1
ORotrsotrsMatch2.2.1
ORotrsotrsMatch2.2.2
ORotrsotrsMatch2.2.3
ORotrsotrsMatch2.2.4
ORotrsotrsMatch2.2.5
ORotrsotrsMatch2.2.6
ORotrsotrsMatch2.2.7
ORotrsotrsMatch2.2.8
ORotrsotrsMatch2.2.9
ORotrsotrsMatch2.3.0beta1
ORotrsotrsMatch2.3.0beta2
ORotrsotrsMatch2.3.0beta3
ORotrsotrsMatch2.3.0beta4
ORotrsotrsMatch2.3.0rc1
ORotrsotrsMatch2.3.1
ORotrsotrsMatch2.3.2
ORotrsotrsMatch2.3.3
ORotrsotrsMatch2.3.4
ORotrsotrsMatch2.3.5
ORotrsotrsMatch2.3.6
ORotrsotrsMatch2.4.0beta1
ORotrsotrsMatch2.4.0beta2
ORotrsotrsMatch2.4.0beta3
ORotrsotrsMatch2.4.0beta4
ORotrsotrsMatch2.4.0beta5
ORotrsotrsMatch2.4.0beta6
ORotrsotrsMatch2.4.1
ORotrsotrsMatch2.4.2
ORotrsotrsMatch2.4.3
ORotrsotrsMatch2.4.4
ORotrsotrsMatch2.4.5
ORotrsotrsMatch2.4.6
ORotrsotrsMatch2.4.7
ORotrsotrsMatch2.4.8
ORotrsotrsMatch2.4.9
ORotrsotrsMatch2.4.10
ORotrsotrsMatch3.0.0beta1
ORotrsotrsMatch3.0.0beta2
ORotrsotrsMatch3.0.0beta3
ORotrsotrsMatch3.0.0beta4
ORotrsotrsMatch3.0.0beta5
ORotrsotrsMatch3.0.0beta6
ORotrsotrsMatch3.0.0beta7
ORotrsotrsMatch3.0.1
Related
prion
prion
Input validation
2011-03-18 16:55:00
openvas
openvas
OTRS < 3.0.3 installer.pl Password Disclosure Vulnerability
2013-09-21 00:00:00
nvd
nvd
CVE-2010-4758
2011-03-18 16:55:01
debiancve
debiancve
CVE-2010-4758
2022-10-03 16:21:06
cvelist
cvelist
CVE-2010-4758
2022-10-03 16:21:06
ubuntucve
ubuntucve
CVE-2010-4758
2011-03-18 00:00:00
1.9 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:P/I:N/A:N
6.7 Medium
AI Score
Confidence
Low
0.0005 Low
EPSS
Percentile
17.9%
Related for CVE-2010-4758